CVE-2015-0689

high

Published 2017-09-19 · Modified 2026-05-13

CVSS v3

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2

5.0

VIR risk

7.5

Description

Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743.

Predictions

Exploit likelihood

83%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — https://tools.cisco.com/security/center/viewAlert.x?alertId=38221

Application impact

Vendor	Product	Versions	Fixed
cisco	cloud_web_security	`{"endIncluding":"3.0.1.2"}`

References

https://tools.cisco.com/security/center/viewAlert.x?alertId=38221
https://tools.cisco.com/security/center/viewAlert.x?alertId=38221

CWEs

CWE-19 CWE-119

Verify integrity in audit chain (admin only). AS-IS.